package com.bolt.auth.security.common.converter;

import com.bolt.auth.security.common.constant.SecurityConstants;
import com.bolt.auth.security.common.model.AuthUserDetails;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;
import org.springframework.security.oauth2.provider.token.DefaultAccessTokenConverter;
import org.springframework.security.oauth2.provider.token.DefaultUserAuthenticationConverter;
import org.springframework.util.StringUtils;

import java.util.Collection;
import java.util.LinkedHashMap;
import java.util.Map;

/**
 * Created by Administrator on 2020/12/3.
 */
public class CustomAuthenticationConverter extends DefaultAccessTokenConverter {

    public CustomAuthenticationConverter (){
        super.setUserTokenConverter(  new JWTfaultUserAuthenticationConverter());
    }

    public  class JWTfaultUserAuthenticationConverter extends DefaultUserAuthenticationConverter {
        private static final String N_A = "N/A";

        @Override
        public Map<String, ?> convertUserAuthentication(Authentication authentication) {
            Map<String, Object> response = new LinkedHashMap();
            response.put("user_name", authentication.getName());
            if (authentication.getAuthorities() != null && !authentication.getAuthorities().isEmpty()) {
                response.put("authorities", AuthorityUtils.authorityListToSet(authentication.getAuthorities()));
            }
            AuthUserDetails authUserDetails = (AuthUserDetails) authentication.getPrincipal();
            response.put("areaCode", authUserDetails.getAreaCode());
            response.put("orgId", authUserDetails.getOrgId());
            response.put("depCode", authUserDetails.getOrgCode());
            return response;
        }

        @Override
        public Authentication extractAuthentication(Map<String, ?> map) {
            if (map.containsKey(USERNAME)) {
                Collection<? extends GrantedAuthority> authorities = getAuthorities(map);

                String  username = (String) map.get(SecurityConstants.DETAILS_USERNAME);
                String  userId = (String) map.get(SecurityConstants.DETAILS_USER_ID);
                String deptId = (String) map.get(SecurityConstants.DETAILS_DEPT_ID);
                String areaCode = (String) map.get("areaCode");
                String orgId = (String) map.get("orgId");
                String orgCode = (String) map.get("depCode");
//                AuthUserDetails user = new AuthUserDetails(userId, username,  N_A, null,null, true );
                AuthUserDetails user = new AuthUserDetails(userId, username,  N_A, null,null, true, areaCode, orgId, orgCode );
                return new UsernamePasswordAuthenticationToken(user, N_A, authorities);
            }
            return null;
        }

        private Collection<? extends GrantedAuthority> getAuthorities(Map<String, ?> map) {
            Object authorities = map.get(AUTHORITIES);
            if (authorities instanceof String) {
                return AuthorityUtils.commaSeparatedStringToAuthorityList((String) authorities);
            }
            if (authorities instanceof Collection) {
                return AuthorityUtils.commaSeparatedStringToAuthorityList(StringUtils
                        .collectionToCommaDelimitedString((Collection<?>) authorities));
            }
            throw new IllegalArgumentException("Authorities must be either a String or a Collection");
        }
    }
}

 